Editor's Note North Korean hackers targeted U.S. hospitals and healthcare systems with ransomware to fund a covert information exfiltration campaign against American military and scientific entities, according to a July 25 report from CBS News. The first attack was a May 2021 ransomware infiltration of a hospital in Kansas. The…

Read More

Editor's Note A global Microsoft server outage disrupting critical services from airline operations to banking is also having a significant impact on healthcare, according to multiple news reports. On example is a Friday, July 19 report from CBS News reporting that Mass General Brigham, the largest health care system in…

Read More

Editor's Note Introduced by a bipartisan group of Senators, the Healthcare Cybersecurity Act aims to bolster the cyber-defenses of healthcare entities through the collaboration of the U.S. Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA). According to a July 16 report in HealthExec,…

Read More

Editor's Note The US Food and Drug Administration (FDA) has classified recalls by Hamilton Medical and Megadyne as Class 1 events, the most severe category indicating risk of serious injury or death. According to the agency’s July 11 report, Hamilton Medical is correcting software for its HAMILTON-C6 Medical Ventilator to…

Read More

Editor's Note Although SecurityScorecard gave the US healthcare a “better than expected” B+ rating for cybersecurity in 2024, the supply chain cybersecurity firm also highlighted significant risks in application and endpoint security, HealthcareIT News reported June 25.   Overall, 35% of third-party data breaches in 2023 affected healthcare organizations, the…

Read More

Editor's Note A June 24 advisory from the FBI and Department of Health and Human Services warns healthcare organizations about attempts to steal payments through phishing and social engineering tactics, according to a post from the American Hospital Association (AHA). The attackers target employee email accounts to access login information…

Read More

Editor's Note Qilin, a ransomware group based in Russia, claimed responsibility for a cyberattack against pathology services provider Synnovis that paralyzed London Hospitals and is now requesting $50 million, Becker’s Health IT reported June 20. Citing a report from Bloomberg, the article notes that the attack disrupted services at London-based hospitals…

Read More

Editor's Note Change Healthcare has started to notify health care providers about patient data stolen in the February cyberattack and announced plans to mail affected individuals as well. A unit of UnitedHealth Group, the organization issued the update June 20. “CHC is providing this notice now to help individuals understand…

Read More

Editor's Note The Centers for Medicare & Medicaid Services (CMS) has announced assistance for providers affected by the Change Healthcare cyberattack ends next month. According to the June 17 announcement, payments under the Accelerated and Advance Payment (AAP) Program for the Change Healthcare/Optum Payment Disruption (CHOPD) will end July 12,…

Read More

Editor's Note Microsoft and Google announced they will offer free or discounted cybersecurity services to rural hospitals in the U.S. to help protect against cyberattacks, CNN reported on June 10. According to the article, Microsoft will provide free security updates, assessments, and staff training, while Google will offer free cybersecurity…

Read More